DevFW-CICD/ingress-nginx-helm
6
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge pull request #1104 from aledbf/ssl-check

Browse source 
Simplify verification of hostname in ssl certificates
This commit is contained in:
Manuel Alejandro de Brito Fontes 2017-08-10 02:12:13 -04:00 committed by GitHub
commit d28ea365fb
5 changed files with 7 additions and 130 deletions
Download patch file Download diff file Expand all files Collapse all files

5
core/pkg/ingress/controller/controller.go
View file

@ -1109,8 +1109,9 @@ func (ic *GenericController) createServers(data []interface{},
}
cert := bc.(*ingress.SSLCert)
if !isHostValid(host, cert) {
glog.Warningf("ssl certificate %v does not contain a common name for host %v", key, host)
err = cert.Certificate.VerifyHostname(host)
if err != nil {
glog.Warningf("ssl certificate %v does not contain a Common Name or Subject Alternative Name for host %v", key, host)
continue
}